package com.example.ssm_lab1.controller;

import org.apache.commons.dbcp.BasicDataSource;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

@Controller
@RequestMapping("user")
public class UserController extends BaseController{

    private BasicDataSource basicDataSource;

    public UserController(BasicDataSource basicDataSource) {
        this.basicDataSource = basicDataSource;
    }

    @RequestMapping("signUP")
    private String signUp(@RequestParam String name ,@RequestParam String password) throws SQLException {
//        String name = request.getParameter("name");
//        String password = request.getParameter("password");

        Connection connection = basicDataSource.getConnection();
        String sqlSelect = "select * from db_user.user where name = ?";
        String sql = "insert into db_user.user(name,password) values(?,?)";
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;

        try {
            PreparedStatement preparedStatementSelect = connection.prepareStatement(sqlSelect);
            preparedStatementSelect.setString(1, name);
            resultSet = preparedStatementSelect.executeQuery();
            if (resultSet.next()) {
                request.getSession().setAttribute("error","Name already exists!");
                return "redirect:/sign_up.jsp";
            } else {
                PreparedStatement preparedStatementInsert = connection.prepareStatement(sql);
                preparedStatementInsert.setString(1, name);
                preparedStatementInsert.setString(2, password);
                preparedStatementInsert.executeUpdate();
                return "redirect:/index.jsp";
            }
        } catch (SQLException e) {
            throw new RuntimeException(e);
        }
    }
    @RequestMapping("signIn")
    private String signIn(@RequestParam String name ,@RequestParam String password) throws SQLException {
//        String name = request.getParameter("name");
//        String password = request.getParameter("password");
//        Connection connection = DB.getConnection();

        Connection connection = basicDataSource.getConnection();
        String sql = "select * from db_user.user where name = ? and password = ?";

        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;

        try {
            preparedStatement = connection.prepareStatement(sql);
            preparedStatement.setString(1,name);
            preparedStatement.setString(2,password);
            resultSet = preparedStatement.executeQuery();
            if (resultSet.next()){
                request.getSession().setAttribute("name",name);
                return "redirect:/home.jsp";
            }else {
                request.getSession().setAttribute("error","The name or password is error !");
                return "redirect:/index.jsp";
            }
        } catch (SQLException e) {
            throw new RuntimeException(e);
        }finally {
            DB.close(resultSet,preparedStatement,connection);
        }


    }
    @RequestMapping("signOut")
    private String signOut(){
        session.invalidate();
        return "redirect:/index.jsp";
    }

}
